Date:      Mon, 02 Jun 2003 11:36:53 -0400
From:      Mike Tancsa <mike@sentex.net>
To:        security@freebsd.org
Subject:   sbsize and local DoS issue via kernel panic
Message-ID:  <5.2.0.9.0.20030602113454.047e4088@209.112.4.2>

I noticed with active ftp clients (specifically IMP's .forward modification 
plugin), an sbsize of something under 32M in /etc/login.conf on the target 
server now gives

Can't create data socket (M-^A> (^A,_<F5>^R(^C): No buffer space available.

in the ftp logs.  What is a safe value to prevent users from abusing the 
system by eating up all mbufs? There is a local DoS if sbsize was left as 
unlimited. 
(http://groups.google.ca/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&threadm=20000603234039.X17973_fw.wintelcom.net%40ns.sol.net&rnum=2&prev=/groups%3Fhl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dsbsize%2Bfreebsd%2Bdos)

32MB seems like an oddly large number for just a small ftp session.  This 
changed sometime between Jan 21st and Feb 15th it would seem.  Previously 
an sbsize of :sbsize=512K:\ would work just fine.  Not sure if it's ftpd or 
something in the kernel?

Is there any way for an active ftp session to work as well as protecting my 
system from a local DoS?

	---Mike
--------------------------------------------------------------------
Mike Tancsa,                          	          tel +1 519 651 3400
Sentex Communications,     			  mike@sentex.net
Providing Internet since 1994                    www.sentex.net
Cambridge, Ontario Canada			  www.sentex.net/mike
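
An added example, not part of the original message or of FreeBSD itself: a small Python audit of login.conf text that reports each login class whose effective sbsize (after tc= inheritance) is unset, unlimited, or above a ceiling the administrator chooses. The sample file, its class names and the ceiling are constructed, and the parser assumes capability values contain no ':'.

```python
import re

# Constructed login.conf(5) sample; class names and values are illustrative only.
SAMPLE = r"""
default:\
	:sbsize=unlimited:
ftpusers:\
	:sbsize=512K:\
	:tc=default:
staff:\
	:tc=default:
shell:\
	:maxproc=64:
"""
UNITS = {"": 1, "b": 512, "k": 1024, "m": 1024**2, "g": 1024**3, "t": 1024**4}

def parse_classes(text):
    # Map each class name (and alias) to its {capability: value} dict.
    classes = {}
    for line in re.sub(r"\\\n\s*", "", text).splitlines():  # join continuations
        fields = [f.strip() for f in line.split(":") if f.strip()]
        if not fields or fields[0].startswith("#"):
            continue
        caps = {}
        for field in fields[1:]:
            key, _, value = field.partition("=")
            caps.setdefault(key, value)  # first definition wins
        classes.update(dict.fromkeys(fields[0].split("|"), caps))
    return classes

def lookup(classes, name, cap, seen=()):
    # Resolve a capability, following tc= inheritance without looping.
    caps = classes.get(name, {})
    parent = caps.get("tc")
    if cap not in caps and parent and parent not in seen:
        return lookup(classes, parent, cap, seen + (name,))
    return caps.get(cap)

def size_bytes(value):
    if value is None or value.lower() in ("unlimited", "infinity", "inf"):
        return None  # no limit in effect
    number, unit = re.fullmatch(r"(\d+)([bkmgt]?)", value.lower()).groups()
    return int(number) * UNITS[unit]

def audit(text, ceiling):
    # Return {class: effective sbsize or None} for classes lacking a cap <= ceiling.
    classes = parse_classes(text)
    limits = {n: size_bytes(lookup(classes, n, "sbsize")) for n in classes}
    return {n: v for n, v in limits.items() if v is None or v > ceiling}
```

Calling `audit(open("/etc/login.conf").read(), ceiling)` runs the same check on a live file; the `sbsize-cur` and `sbsize-max` variants are not examined.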


